Privacy Policy | Timekeep

1. Introduction

Timekeep is committed to protecting the personal data of our users and their employees. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with the Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations.

2. Data Controller

Timekeep, operated at old.timekeep.ph, is the Personal Information Controller as defined under RA 10173. For data privacy concerns, contact us at support@timekeep.ph.

3. Personal Data We Collect

Account Data

Company name
Email address
Password (stored as a secure hash, never in plain text)

Employee Data

Full name, position, date of birth, contact information
TIN, SSS number, PhilHealth number, Pag-IBIG number

Biometric Data

Facial photographs used for kiosk clock-in verification

Time & Attendance Data

Clock-in/out timestamps
GPS location (if enabled by the employer)
Late, overtime, and undertime records

Payroll Data

Salary rates and deductions
Computed statutory contributions (SSS, PhilHealth, Pag-IBIG, withholding tax)
Net pay computations

Usage Data

Pages visited and feature usage (no personal identifiers)

4. Purpose of Processing

We process personal data to:

Provide the Service, including time tracking, scheduling, and payroll computation
Compute Philippine statutory deductions (SSS, PhilHealth, Pag-IBIG, withholding tax)
Generate payslips and payroll reports
Verify employee identity via kiosk clock-in
Comply with Philippine labor and tax laws

5. Legal Basis for Processing

Consent: provided during account creation and biometric enrollment
Performance of contract: necessary to deliver the Service under your Subscription
Legal obligation: compliance with labor law, BIR reporting, and statutory remittances
Legitimate interest: Service improvement and security

6. Biometric Data

Facial photos are collected solely for kiosk clock-in verification
Biometric data is stored securely with encryption
Employee consent is required before biometric enrollment
Employees may request deletion of their biometric data at any time
Biometric data is retained only while the employee is active and is deleted upon employee archival or account termination

7. Data Sharing & Disclosure

We do not sell personal data. We may share data only in the following circumstances:

With cloud infrastructure providers (hosting, storage) under data processing agreements
As required by Philippine law (BIR, SSS, PhilHealth, Pag-IBIG, DOLE)
If required by court order or legal process

8. Data Retention

Active account data: retained while your Subscription is active
After account termination: 30-day export window, then deletion
Statutory records: retained per Philippine labor law requirements (3 years minimum per DOLE regulations)
Biometric data: deleted upon employee archival or account closure

9. Data Security

We implement appropriate technical and organizational measures to protect your data:

Encryption in transit (TLS) and at rest
Access controls and authentication
Regular security assessments
Secure hosting infrastructure

10. Your Rights as a Data Subject

Under RA 10173, you have the right to:

Be informed about how your personal data is processed
Access your personal data
Correct inaccurate or incomplete data
Request erasure or blocking of personal data
Request data portability
Object to the processing of your personal data
File a complaint with the National Privacy Commission (NPC)

To exercise any of these rights, contact us at support@timekeep.ph.

11. Cookies & Analytics

No third-party tracking cookies or analytics tools are used
Essential cookies are used only for session management (login state)

12. Contact & Complaints

Data Privacy Concerns

Email: support@timekeep.ph

National Privacy Commission

Website: privacy.gov.ph